A Security Assessment of Android Full-disk Encryption
Lost or stolen smartphones need protection. Full-disk encryption has become a popular method of protecting data stored on a smartphone against such events. In this article we introduce two attacks on full-disk encryption for Android. The first targets older pre-Android 5.0 versions. This attack is well known and exploitation tools are publicly available. Android 5.0 claims to have resolved the previous attack. We describe a new attack on Android 5.0, which does not take significantly longer to conduct than the pre-Android 5.0 exploit. We also discuss potential countermeasures, observing that simple solutions are hard to find.